• by Ray Schultz , May 19, 2020

Security firm Agari has identified a cybercriminal operation that it says is exploiting the COVID-19 pandemic.

The Nigerian group called Scattered Canary has been targeting eight states with a “massive fraudulent scheme,” Agari alleges. The states are Hawaii, Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming. 

Among other things, the group has filed at least 174 fraudulent claims for unemployment with the state of Washington since April 29. These claims would generate up to $790 a week for a total of $20,540 over a maximum of 26 weeks, according to communications sent by the state to the purported claimants. 

The potential loss to the state could hit $4.9 million, Agari says. 

In another scheme, Scattered Canary leverages Google Dot Accounts, using versions of related Gmail addresses to mass-create email accounts for each target website, Agari says.

In addition, Scattered Canary exploited Green Dot prepaid cards to "cash out" its fraudulent claims, Agari says.

Scattered Canary appeared over 10 years ago.  "We have been tracking Scattered Canary for more than one year and briefed the U.S. Secret Service on this new development yesterday," states Armen L. Najarian, CMO and chief identity officer, Agari, in a Tuesday announcement.  

Najarian adds: "Scattered Canary perpetrates a range of fraudulent schemes, including business email compromise (BEC) scams, unemployment fraud, social security fraud, student aid fraud, and now COVID-19 related fraud."